Anti-Phishing tool is a simple python script tool that allows you to flood phishing websites with fake auto-generated email and passwords to the point where their servers crash and or they can't find a real user in the sea of millions of fake accounts generated by this tool. Use at own risk and only at people with malicious intentions.
The guide below will teach you how to use the Anti-Phishing Tool, and how to extarct the relevant information to execute this anti phishing attack.
- 1: Download the Anti-Phisher.zip
- 2: Run the Anti-Phisher Tool, but don't type anything yet. (Make sure to run the exe inside the default folder it came with)
- 3: Now find a phisher website. I found one in my e-mail that looks like this:
- 4: Click the link to the phisher website. Even if the websites look totaly legit you can often spot it by their URL.
- 5: Once we are on a phisher website, hit F12 in Google Chrome.
- 6: Navigate to the "Network" tab and make sure to click the Preserve log button.
- 7: Fill in a fake email adress and password as seen above. DO NOT USE REAL INFORMATION
- 8: Hit login and look for suspicious files. I found this named addLogin.php
- 9: Click the file once to view the header content.
- 10: At the top of this file, find the "Request URL"
- 11: Copy this URL and paste it into the URL input in the Anti-Pisher Tool command line window.
- 12: Scroll down to the bottom of the header content page until you see the "Form Data" section.
- 13: Copy everything from the text before the ":" NOT THE FORM-INFO YOU PROVIDED (this can be everything from login_email to 424fg23gfg4gfh23ggv32 depending on their code)
- 14: Paste this string into the input in the Anti-Pisher Tool command line window.
- 15: Now do the same for the password section. Same rules as above applies.
- 16: Hit enter and if you command line keeps going like this, you have done everything correct;
